
[PROPOSAL] Cluster RECENT-85 - 43 candidates



I am proposing cluster RECENT-85 for review and voting by the Editorial Board.

Name: RECENT-85
Description: Candidates announced between 1/5/2002 and 2/5/2002
Size: 43

You may vote on the candidates by modifying this e-mail and sending it back to me, or by using the CVE voting web site.

The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real.

If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the relevant timeframe, please send that information to me so that candidates can be assigned.

- Steve

Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some minor detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is not a "vulnerability", or is a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line.

2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2002-0196
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0196
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020122 (Repost) CwpApi : GetRelativePath() returns invalid paths (security advisory)
Reference: URL:http://online.securityfocus.com/archive/1/251699
Reference: CONFIRM:http://sourceforge.net/forum/forum.php?forum_id=144966
Reference: BID:3924
Reference: URL:http://online.securityfocus.com/bid/3924
Reference: XF:cwpapi-getrelativepath-view-files(7981)
Reference: URL:http://www.iss.net/security_center/static/7981.php

GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root.

Analysis
----------------
ED_PRI CAN-2002-0196 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0211
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0211
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020126 Vulnerability report for Tarantella Enterprise 3.
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101208650722179&w=2
Reference: BUGTRAQ:20020404 Exploit for Tarantella Enterprise 3 installation (BID 3966)
Reference: URL:http://online.securityfocus.com/archive/1/265845
Reference: CONFIRM:http://www.tarantella.com/security/bulletin-04.html
Reference: BID:3966
Reference: URL:http://online.securityfocus.com/bid/3966
Reference: XF:tarantella-gunzip-tmp-race(7996)
Reference: URL:http://www.iss.net/security_center/static/7996.php

Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.

Analysis
----------------
ED_PRI CAN-2002-0211 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0226
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0226
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020201 Vulnerability in all versions of DCForum from dcscripts.com
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101258311519504&w=2
Reference: CONFIRM:http://www.dcscripts.com/bugtrac/DCForumID7/3.html
Reference: BID:4014
Reference: URL:http://www.securityfocus.com/bid/4014
Reference: XF:dcforum-cgi-recover-passwords(8044)
Reference: URL:http://www.iss.net/security_center/static/8044.php

retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID, which allows remote attackers to request a new password on behalf of another user and use the sessionID to calculate the new password for that user.

Analysis
----------------
ED_PRI CAN-2002-0226 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0230
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0230
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020204 [SUPERPETZ ADVISORY #002 - Faq-O-Matic Cross-Site Scripting Vulnerability]
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101285834018701&w=2
Reference: BUGTRAQ:20020205 Faq-O-Matic Cross-Site Scripting
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101293973111873&w=2
Reference: CONFIRM:http://sourceforge.net/mailarchive/forum.php?thread_id=464940&forum_id=6367
Reference: DEBIAN:DSA-109
Reference: URL:http://www.debian.org/security/2002/dsa-109

Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message.

Analysis
----------------
ED_PRI CAN-2002-0230 1
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: in the e-mail archives for the faqomatic-users list, the vendor states "the fix for the cmd=><script CSS bug is in CVS now."

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0237
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0237
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020209 ALERT: ISS BlackICE Kernel Overflow Exploitable
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101321744807452&w=2
Reference: BUGTRAQ:20020204 Vulnerabilities in Black ICE Defender
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101286393404301&w=2
Reference: NTBUGTRAQ:20020209 ALERT: ISS BlackICE Kernel Overflow Exploitable
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=101353165915171&w=2
Reference: BUGTRAQ:20020206 Black ICE Ping Vulnerability Side Note
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101302424803268&w=2
Reference: ISS:20020204 DoS and Potential Overflow Vulnerability in BlackICE Products
Reference: URL:http://www.iss.net/security_center/alerts/advise109.php
Reference: BID:4025
Reference: URL:http://online.securityfocus.com/bid/4025
Reference: XF:blackice-ping-flood-dos(8058)
Reference: URL:http://www.iss.net/security_center/static/8058.php

Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets.

Analysis
----------------
ED_PRI CAN-2002-0237 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0197
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0197
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020122 psyBNC 2.3 Beta - encrypted text "spoofable" in others' irc terminal
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101173478806580&w=2
Reference: BUGTRAQ:20020122 psyBNC2.3 Beta - encrypted text spoofable in others irc terminal
Reference: URL:http://online.securityfocus.com/archive/1/251832
Reference: XF:psybnc-view-encrypted-messages(7985)
Reference: URL:http://www.iss.net/security_center/static/7985.php
Reference: BID:3931
Reference: URL:http://www.securityfocus.com/bid/3931

psyBNC 2.3 beta and earlier allows remote attackers to spoof encrypted, trusted messages by sending lines that begin with the "[B]" sequence, which makes the message appear legitimate.

Analysis
----------------
ED_PRI CAN-2002-0197 2
Vendor Acknowledgement: yes followup

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0207
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0207
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: VULN-DEV:20020105 RealPlayer Buffer Problem
Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2002-q1/0044.html
Reference: BUGTRAQ:20020124 Potential RealPlayer 8 Vulnerability
Reference: URL:http://online.securityfocus.com/archive/1/252414
Reference: BUGTRAQ:20020124 RealPlayer Buffer Overflow [Sentinel Chicken Networks Security Advisory #01]
Reference: URL:http://online.securityfocus.com/archive/1/252425
Reference: MISC:http://sentinelchicken.com/advisories/realplayer/
Reference: BID:3809
Reference: URL:http://online.securityfocus.com/bid/3809
Reference: XF:realplayer-file-header-bo(7839)
Reference: URL:http://www.iss.net/security_center/static/7839.php

Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header.

Analysis
----------------
ED_PRI CAN-2002-0207 2
Vendor Acknowledgement: yes followup

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0209
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0209
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020125 Alteon ACEdirector signature/security bug
Reference: URL:http://online.securityfocus.com/archive/1/252455
Reference: BUGTRAQ:20020312 Re: Alteon ACEdirector signature/security bug
Reference: URL:http://online.securityfocus.com/archive/1/261548
Reference: BID:3964
Reference: URL:http://online.securityfocus.com/bid/3964
Reference: XF:acedirector-http-reveal-ip(8010)
Reference: URL:http://www.iss.net/security_center/static/8010.php

Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address.

Analysis
----------------
ED_PRI CAN-2002-0209 2
Vendor Acknowledgement: yes followup

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0198
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0198
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020122 pldaniels - ripMime 1.2.6 and lower?
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101182636812381&w=2
Reference: CONFIRM:http://pldaniels.org/ripmime/CHANGELOG
Reference: BID:3941
Reference: URL:http://online.securityfocus.com/bid/3941
Reference: XF:ripmime-long-filename-bo(7983)
Reference: URL:http://www.iss.net/security_center/static/7983.php

Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment with a long filename.

Analysis
----------------
ED_PRI CAN-2002-0198 3
Vendor Acknowledgement: yes changelog
Content Decisions: SF-CODEBASE

ACKNOWLEDGEMENT: a changelog entry, dated Thursday 15 November 2001, says: "Corrected buffer overflow with MIME_headers".

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0199
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0199
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020119 Shoutcast server 1.8.3 win32
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101167484012724&w=2
Reference: BID:3934
Reference: URL:http://online.securityfocus.com/bid/3934

Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes.

Analysis
----------------
ED_PRI CAN-2002-0199 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0200
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0200
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020122 CyberStop-Server-DoS-remote-attacks
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101174569103289&w=2
Reference: BID:3929
Reference: URL:http://online.securityfocus.com/bid/3929
Reference: XF:cyberstop-device-name-dos(7959)
Reference: URL:http://www.iss.net/security_center/static/7959.php

Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name.

Analysis
----------------
ED_PRI CAN-2002-0200 3
Vendor Acknowledgement: unknown
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0201
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0201
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020122 CyberStop-Server-DoS-remote-attacks
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101174569103289&w=2
Reference: BID:3930
Reference: URL:http://online.securityfocus.com/bid/3930
Reference: XF:cyberstop-long-request-dos(7960)
Reference: URL:http://www.iss.net/security_center/static/7960.php

Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP GET request, possibly triggering a buffer overflow.

Analysis
----------------
ED_PRI CAN-2002-0201 3
Vendor Acknowledgement: unknown
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0202
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0202
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: CF
Reference: BUGTRAQ:20020123 Vulnerabilty in PaintBBS v1.2
Reference: URL:http://online.securityfocus.com/archive/1/251985
Reference: BID:3948
Reference: URL:http://online.securityfocus.com/bid/3948
Reference: XF:paintbbs-insecure-permissions(7982)
Reference: URL:http://www.iss.net/security_center/static/7982.php

PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable /oekaki/ folder.

Analysis
----------------
ED_PRI CAN-2002-0202 3
Vendor Acknowledgement: unknown
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0203
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0203
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020124 ISSTW Security Advisory Tarantella Enterprise 3.11.903 Directory Index Disclosure Vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101190195430376&w=2
Reference: CONFIRM:http://www.tarantella.com/security/bulletin-03.html

ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.

Analysis
----------------
ED_PRI CAN-2002-0203 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-LOC

ABSTRACTION: a followup post said that this problem was "mainly addressed" by BID:2890, CVE-2001-0805. However, (1) CVE-2001-0805 describes a directory traversal issue, which this is not, and (2) CVE-2001-0805 was fixed in version 3.01, whereas this issue affects more versions. Because of the different issue types and different versions, CD:SF-LOC clearly suggests that these two issues should be kept separate.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0204
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0204
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020124 gnuchess buffer overflow vulnerabilty
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101189688815514&w=2
Reference: BID:3949
Reference: URL:http://online.securityfocus.com/bid/3949
Reference: XF:gnu-chess-bo(7991)
Reference: URL:http://www.iss.net/security_center/static/7991.php

Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, allows local or remote attackers to execute arbitrary code via a long command.

Analysis
----------------
ED_PRI CAN-2002-0204 3
Vendor Acknowledgement: no disputed
Content Decisions: INCLUSION

DEFINITION: The original post includes a quote from the vendor, which states: "The GNU Chess 5 code was not written with security as a primary goal, and it is intended to be run locally on the user's own computer, without offering a network interface... GNUchess has no built-in internet interface." So, the discloser is trying to use the software in a way other than designed, and the software as provided has no vulnerabilities that an attacker could use to cause damage or gain privileges. Therefore, this report does not satisfy the CVE definition of a vulnerability or exposure, and probably should not be included in CVE, despite the fact that the vendor fixed the issue in 5.03.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0205
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0205
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: VULN-DEV:20020104 Cross-site scripting in PlumTree?
Reference: URL:http://online.securityfocus.com/archive/82/248396
Reference: BUGTRAQ:20020124 Plumtree Corporate Portal Cross-Site Scripting (Patch)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101189911121808&w=2
Reference: BID:3799
Reference: URL:http://online.securityfocus.com/bid/3799
Reference: XF:plumtree-css-error(7817)
Reference: URL:http://www.iss.net/security_center/static/7817.php

Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter.

Analysis
----------------
ED_PRI CAN-2002-0205 3
Vendor Acknowledgement: unknown discloser-claimed

ACKNOWLEDGEMENT: the BUGTRAQ reference says the problem is addressed in the vendor's "supportnet article number #11012". However, the vendor's web page requires registration, so it could not be accessed. Therefore, there is not sufficient information to determine that the problem has been addressed.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0206
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0206
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020116 PHP-Nuke allows Command Execution & Much more
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101121913914205&w=2
Reference: BID:3889
Reference: URL:http://online.securityfocus.com/bid/3889

index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.

Analysis
----------------
ED_PRI CAN-2002-0206 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0208
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0208
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020125 Identifying PGP Corporate Desktop 7.1 with PGPfire Personal Desktop Firewall installed (no need to be enabled) on Microsoft Windows Based OSs
Reference: URL:http://online.securityfocus.com/archive/1/252407
Reference: BID:3961
Reference: URL:http://online.securityfocus.com/bid/3961
Reference: XF:pgpfire-icmp-fingerprint(8008)
Reference: URL:http://www.iss.net/security_center/static/8008.php

PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire.

Analysis
----------------
ED_PRI CAN-2002-0208 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0210
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0210
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020126 bru backup program
Reference: URL:http://online.securityfocus.com/archive/1/252614
Reference: BID:3970
Reference: URL:http://online.securityfocus.com/bid/3970
Reference: XF:bru-tmp-file-symlink(8003)
Reference: URL:http://www.iss.net/security_center/static/8003.php

setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.

Analysis
----------------
ED_PRI CAN-2002-0210 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0212
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0212
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020126 [ARL02-A01] Vulnerability in Hosting Controller
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101224151705897&w=2
Reference: MISC:http://hostingcontroller.com/English/patches/ForAll/index.html
Reference: BID:3971
Reference: URL:http://online.securityfocus.com/bid/3971
Reference: XF:hosting-controller-brute-force(8006)
Reference: URL:http://www.iss.net/security_center/static/8006.php

Login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.

Analysis
----------------
ED_PRI CAN-2002-0212 3
Vendor Acknowledgement: unknown discloser-claimed

ACKNOWLEDGEMENT: the vendor web page has a patch labeled "Password security hot fix (03/05/2002)." However, this is dated more than a month after the discloser said a patch was available. The readme in the patch explicitly omits details, and the patched "updateuserdesc.asp" file does not seem to be related. Therefore, it is most likely that the advertised patch does NOT fix the vulnerability reported in this CVE item, and the vendor acknowledgement is vague at best.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0213
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0213
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: CF
Reference: BUGTRAQ:20020128 [Hackerslab bug_paper] xkas application vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101223525118717&w=2
Reference: BID:3969
Reference: URL:http://online.securityfocus.com/bid/3969
Reference: XF:kashare-xkas-icon-symlink(8002)
Reference: URL:http://www.iss.net/security_center/static/8002.php

xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.

Analysis
----------------
ED_PRI CAN-2002-0213 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0214
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0214
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020128 Intel WLAN driver stores 128-bit WEP key in plain text!
Reference: URL:http://online.securityfocus.com/archive/1/252607
Reference: BID:3968
Reference: URL:http://online.securityfocus.com/bid/3968
Reference: XF:intel-wlan-wep-plaintext(8015)
Reference: URL:http://www.iss.net/security_center/static/8015.php

Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key.

Analysis
----------------
ED_PRI CAN-2002-0214 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0215
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0215
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020128 [SUPERPETZ ADVISORY #001 - agora.cgi Secret Path Disclosure Vulnerability]
Reference: URL:http://online.securityfocus.com/archive/1/252761
Reference: BID:3976
Reference: URL:http://online.securityfocus.com/bid/3976
Reference: XF:agora-cgi-revel-path(8011)
Reference: URL:http://www.iss.net/security_center/static/8011.php

agora.cgi 3.2r through 4.0 in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.

Analysis
----------------
ED_PRI CAN-2002-0215 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0216
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0216
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020129 Xoops SQL fragment disclosure and SQL injection vulnerability
Reference: URL:http://online.securityfocus.com/archive/1/252827
Reference: BID:3977
Reference: URL:http://online.securityfocus.com/bid/3977
Reference: XF:xoops-userinfo-information-disclosure(8028)
Reference: URL:http://www.iss.net/security_center/static/8028.php

userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter.

Analysis
----------------
ED_PRI CAN-2002-0216 3
Vendor Acknowledgement: unknown
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0217
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0217
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020129 Xoops Private Message System Script Injection
Reference: URL:http://online.securityfocus.com/archive/1/252828
Reference: BID:3978
Reference: URL:http://online.securityfocus.com/bid/3978
Reference: BID:3981
Reference: URL:http://online.securityfocus.com/bid/3981
Reference: XF:xoops-private-message-css(8025)
Reference: URL:http://www.iss.net/security_center/static/8025.php
Reference: XF:xoops-pmlite-image-css(8030)
Reference: URL:http://www.iss.net/security_center/static/8030.php

Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image parameter in pmlite.php.

Analysis
----------------
ED_PRI CAN-2002-0217 3
Vendor Acknowledgement: unknown
Content Decisions: SF-LOC

ABSTRACTION: CD:SF-LOC suggests combining problems of the same type, which affect the same version, into a single item.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0218
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0218
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020129 sastcpd Buffer Overflow and Format String Vulnerabilities
Reference: URL:http://online.securityfocus.com/archive/1/252891
Reference: BUGTRAQ:20020129 Re: [VulnWatch] sastcpd Buffer Overflow and Format String Vulnerabilities
Reference: URL:http://online.securityfocus.com/archive/1/252847
Reference: MISC:http://www.sas.com/service/techsup/unotes/SN/004/004201.html
Reference: BID:3980
Reference: URL:http://online.securityfocus.com/bid/3980

Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument.

Analysis
----------------
ED_PRI CAN-2002-0218 3
Vendor Acknowledgement: unknown vague
Content Decisions: SF-LOC, SF-EXEC, VAGUE

ACKNOWLEDGEMENT: a post claims that a SAS advisory (listed here as a MISC reference) "seems to [address]" this vulnerability. However, this is not sufficient vendor acknowledgement for CVE. A review of the advisory provides some evidence that the vendor fixed this issue, but the vendor is not clear enough to be certain that the vendor fixed *this* problem.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0219
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0219
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020129 sastcpd Buffer Overflow and Format String Vulnerabilities
Reference: URL:http://online.securityfocus.com/archive/1/252891
Reference: BUGTRAQ:20020129 Re: [VulnWatch] sastcpd Buffer Overflow and Format String Vulnerabilities
Reference: URL:http://online.securityfocus.com/archive/1/252847
Reference: MISC:http://www.sas.com/service/techsup/unotes/SN/004/004201.html
Reference: BID:3979
Reference: URL:http://online.securityfocus.com/bid/3979

Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via a command line argument.

Analysis
----------------
ED_PRI CAN-2002-0219 3
Vendor Acknowledgement: unknown vague
Content Decisions: SF-LOC, SF-EXEC, VAGUE

ACKNOWLEDGEMENT: a post claims that a SAS advisory (listed here as a MISC reference) "seems to [address]" this vulnerability. However, this is not sufficient vendor acknowledgement for CVE. A review of the advisory provides some evidence that the vendor fixed this issue, but the vendor is not clear enough to be certain that the vendor fixed *this* problem.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0220
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0220
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020129 PhpSmsSend remote execute commands bug
Reference: URL:http://online.securityfocus.com/archive/1/252918
Reference: BID:3982
Reference: URL:http://online.securityfocus.com/bid/3982
Reference: XF:phpsmssend-command-execution(8019)
Reference: URL:http://www.iss.net/security_center/static/8019.php

phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute arbitrary commands via an SMS message containing shell metacharacters.

Analysis
----------------
ED_PRI CAN-2002-0220 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0221
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0221
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020129 Vulnerabilities in EServ 2.97
Reference: URL:http://online.securityfocus.com/archive/1/252944
Reference: BID:3983
Reference: URL:http://online.securityfocus.com/bid/3983
Reference: XF:eserv-pasv-dos(8020)
Reference: URL:http://www.iss.net/security_center/static/8020.php

Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.

Analysis
----------------
ED_PRI CAN-2002-0221 3
Vendor Acknowledgement: unknown discloser-claimed
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0222
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0222
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category:
Reference: BUGTRAQ:20020129 Vulnerabilities in EServ 2.97
Reference: URL:http://online.securityfocus.com/archive/1/252944
Reference: BID:3986
Reference: URL:http://online.securityfocus.com/bid/3986
Reference: XF:eserv-ftp-bounce(8021)
Reference: URL:http://www.iss.net/security_center/static/8021.php

Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites via the PORT command (aka FTP bounce).

Analysis
----------------
ED_PRI CAN-2002-0222 3
Vendor Acknowledgement: unknown discloser-claimed
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0223
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0223
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020130 [WWWThreads, UBBThreads] Security hole in upload system
Reference: URL:http://online.securityfocus.com/archive/1/253172
Reference: XF:ubbthreads-file-upload(8022)
Reference: URL:http://www.iss.net/security_center/static/8022.php
Reference: BID:3993
Reference: URL:http://online.securityfocus.com/bid/3993

Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension.

Analysis
----------------
ED_PRI CAN-2002-0223 3
Vendor Acknowledgement: unknown
Content Decisions: SF-CODEBASE

ABSTRACTION: The product was originally known as wwwthreads but was bought by Infopop and they changed the name to UBBthreads. By CD:SF-CODEBASE, the two issues should be MERGED.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0224
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0224
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020131 msdtc 3372
Reference: URL:http://online.securityfocus.com/archive/1/253360
Reference: BUGTRAQ:20020419 KPMG-2002015: Microsoft Distributed Transaction Coordinator DoS
Reference: URL:http://online.securityfocus.com/archive/1/268593
Reference: BID:4006
Reference: URL:http://online.securityfocus.com/bid/4006

MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input.

Analysis
----------------
ED_PRI CAN-2002-0224 3
Vendor Acknowledgement: unknown vague
Content Decisions: VAGUE

ACKNOWLEDGEMENT: it cannot be conclusively proven whether Microsoft has fixed this issue. The author of the April 19 post, Peter Grundl, says that Microsoft bulletin MS02-018 fixes this problem, but Grundl says that MS02-018 "does not mention this weakness." Since Grundl is already credited in MS02-018 with finding an "HTR ISAPI extension" overflow (CAN-2002-0071), this issue is clearly different than CAN-2002-0071.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0225
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0225
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: CF
Reference: BUGTRAQ:20020130 tac_plus version F4.0.4.alpha on at least Solaris 8 sparc
Reference: URL:http://online.securityfocus.com/archive/1/253288
Reference: BID:4003
Reference: URL:http://www.securityfocus.com/bid/4003
Reference: XF:tacplus-insecure-accounting-files(8061)
Reference: URL:http://www.iss.net/security_center/static/8061.php

tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.

Analysis
----------------
ED_PRI CAN-2002-0225 3
Vendor Acknowledgement: unknown
Content Decisions: EX-BETA

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0227
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0227
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020201 KICQ 2.0.0b1 can be remotely crashed
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101266856410129&w=2
Reference: BID:4018
Reference: URL:http://online.securityfocus.com/bid/4018
Reference: XF:kicq-telnet-dos(8064)
Reference: URL:http://www.iss.net/security_center/static/8064.php

KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.

Analysis
----------------
ED_PRI CAN-2002-0227 3
Vendor Acknowledgement: unknown
Content Decisions: EX-BETA, EX-CLIENT-DOS

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0228
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0228
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020202 MSN web sites reveal your name (and can also reveal e-mail addresses)
Reference: URL:http://online.securityfocus.com/archive/1/254021
Reference: XF:msn-messenger-reveal-information(8084)
Reference: URL:http://www.iss.net/security_center/static/8084.php
Reference: BID:4028
Reference: URL:http://online.securityfocus.com/bid/4028

Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to Microsoft sites (or DNS-spoofed sites).

Analysis
----------------
ED_PRI CAN-2002-0228 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0229
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0229
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: NTBUGTRAQ:20020203 PHP Safe Mode Filesystem Circumvention Problem
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=101285016125377&w=2
Reference: BUGTRAQ:20020203 PHP Safe Mode Filesystem Circumvention Problem
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101286577109716&w=2
Reference: NTBUGTRAQ:20020205 Re: PHP Safe Mode Filesystem Circumvention Problem
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=101303065423534&w=2
Reference: BUGTRAQ:20020206 DW020203-PHP clarification
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101304702002321&w=2
Reference: NTBUGTRAQ:20020206 DW020203-PHP clarification
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=101303819613337&w=2
Reference: BID:4026
Reference: URL:http://online.securityfocus.com/bid/4026
Reference: XF:php-mysql-safemode-bypass(8105)
Reference: URL:http://www.iss.net/security_center/static/8105.php

Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.

Analysis
----------------
ED_PRI CAN-2002-0229 3
Vendor Acknowledgement:

A followup post suggests that this type of vulnerability may only exist in certain insecure MySQL configurations, in which case

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0231
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0231
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020203 Buffer overflow in mIRC allowing arbitrary code to be executed.
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101286747013955&w=2
Reference: MISC:http://www.uuuppz.com/research/adv-001-mirc.htm
Reference: XF:mirc-nickname-bo(8083)
Reference: URL:http://www.iss.net/security_center/static/8083.php
Reference: BID:4027
Reference: URL:http://online.securityfocus.com/bid/4027

Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a nickname.

Analysis
----------------
ED_PRI CAN-2002-0231 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT

If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0232
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0232
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020202 new advisory
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101266821909189&w=2
Reference: BID:4017
Reference: URL:http://www.securityfocus.com/bid/4017
Reference: XF:mrtg-cgi-view-files(8062)
Reference: URL:http://www.iss.net/security_center/static/8062.php

Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .
.(点点)cfg参数(1)14。cgi, (2) 14 - 1.1。cgi,(3)流量。cgi或(4)mrtg.cgi。分析- - - - - - - - - - - - - - - - - ED_PRI - 2002 - 0232 3供应商确认:内容决定:SF-EXEC抽象:CD: SF-EXEC表明结合问题相同类型的多个可执行文件的同一个版本相同的包中。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0233网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0233最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20020205查看任意文件从文件系统使用Eshare表达式4服务器参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101292885809975&w=2参考:XF: expressions-dot-directory-traversal(8079)参考:网址:http://www.iss.net/security_center/static/8079.php参考:报价:4029参考:网址:http://www.securityfocus.com/bid/4029目录遍历脆弱性eshare表达式4 Web服务器允许远程攻击者读取任意文件通过一个. .(点点)在一个HTTP请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2002 - 0233 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0234网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0234最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20020205防火墙应对ScreenOS端口扫描DoS脆弱性参考:网址:http://online.securityfocus.com/archive/1/254268参考:BUGTRAQ: 20020201防火墙ScreenOS 2.6受信任接口DoS引用:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101258281818524&w=2参考:BUGTRAQ: 20020201 RE:防火墙ScreenOS 2.6受信任接口DoS引用:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101258887105690&w=2参考:报价:4015参考:网址:http://www.securityfocus.com/bid/4015参考:XF: netscreen-screenos-scan-dos(8057)参考:网址:http://www.iss.net/security_center/static/8057.php网屏ScreenOS 2.6.1之前不支持的最大并发会话数系统,它允许攻击者在可信网络导致拒绝服务(资源枯竭)通过一个端口扫描到外部网络,这消耗所有可用的连接。分析- - - - 
- - - - - - - - - - - - - ED_PRI - 2002 - 0234 3供应商确认:是的后续内容决定:SECTOOL-DESIGN投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0235网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0235最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20020205 Castelle Faxpress:密码用于NT打印队列可以discl应该在纯文本参考:网址:http://online.securityfocus.com/archive/1/254168参考:报价:4030参考:网址:http://www.securityfocus.com/bid/4030参考:XF: faxpress-plaintext-password(8086)参考:网址:http://www.iss.net/security_center/static/8086.phpCastelle FaxPress,可能6.3和其他版本,配置为使用网络打印队列时,允许攻击者获得用户名和密码通过提交一个不正确的登录,导致FaxPress泄漏明文的正确的用户名和密码错误事件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2002 - 0235 3供应商确认:未知discloser-claimed确认:Castelle技术支持不是通过电子邮件访问;不能填写申请表(需要注册码)的支持。一般在线反馈调查http://www.castelle.com/feedback_form.htm2002年3月15日。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0236网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0236最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20020205漏洞的报告发表在朗讯VitalSuite软件参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101294507827698&w=2参考:XF: vitalnet-unauth-access(7936)参考:网址:http://www.iss.net/security_center/static/7936.php参考:报价:3784参考:网址:http://www.securityfocus.com/bid/3784朗讯VitalSuite 8.0到8.2,包括VitalNet VitalEvent,和VitalHelp / VitalAnalysis,允许远程攻击者绕过身份验证通过直接VsSetCookie HTTP请求。exe程序时,它返回一个有效的饼干所需的用户。分析- - - - - - - - - - - - - - - - - ED_PRI - 2002 - 0236 3供应商确认:对咨询内容的决定:SF-EXEC投票部分- - - - - - - - - - - - - - - 
-可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0238网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0238最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20020203 Netgear RT311 / RT314参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101286360203461&w=2参考:XF: netgear-web-interface-css(8082)参考:网址:http://www.iss.net/security_center/static/8082.php参考:报价:4024参考:网址:http://online.securityfocus.com/bid/4024跨站点脚本漏洞在网络管理接口NetGear RT314和RT311网关路由器允许远程攻击者执行任意脚本在另一个客户端通过一个URL包含脚本。分析- - - - - - - - - - - - - - - - - ED_PRI - 2002 - 0238 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:

Page last updated or reviewed: May 22, 2007